» SuperSocket.ClientEngine.Protocol.dll
Overview
Analysis
File Details
Programs (1)

SuperSocket.ClientEngine.Protocol.dll

SuperSocket ClientEngine

Pani Poni Network

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The module SuperSocket.ClientEngine.Protocol.dll, “SuperSocket.ClientEngine.Protocol for .NET 2.0” by Pani Poni Network has been detected as adware by 13 anti-malware scanners. This file is typically installed with the program videos+ MediaPlayer+ by Gogo Network Club which is a potentially unwanted software program. The library is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.

File name:

Publisher:

SuperSocket (signed by Pani Poni Network)

Product:

SuperSocket ClientEngine

Description:

SuperSocket.ClientEngine.Protocol for .NET 2.0

Version:

0.3.0.0

MD5:

700905da8dbe8a157b0ffbe5689dfef8

SHA-1:

b0c2d5bfab80c572351b901ce326aeccf8c6ed10

SHA-256:

8d57152c927476d7d168c2ae54e4166b129d2a166047a2ce3c10250e61cfaa49

Scanner detections:

13 / 68

Status:

Adware

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:

4/25/2024 9:20:31 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

Adware/CrossRider.pl

7.11.170.102

AVG

Generic

2015.0.3281

Baidu Antivirus

Adware.Win64.Crossrider

4.0.3.141124

herdProtect (fuzzy)

variant of supersocket.clientengine.protocol_iobitdel.dll (Adware)

2014.11.24.7

IKARUS anti.virus

PUA.Plush

t3scan.1.6.1.0

Kaspersky

Trojan.NSIS.GoogUpdate

14.0.0.2900

McAfee

Artemis!DDF2611F28DC

5600.6937

Panda Antivirus

Trj/Chgt.E

14.11.24.02

Qihoo 360 Security

Win32/Virus.Adware.960

1.0.0.1015

Reason Heuristics

PUP.PaniPoniNetwork.FF

14.9.19.12

Sophos

Generic PUA CC

4.98

Trend Micro House Call

Suspicious_GEN.F47V0816

7.2.328

Vba32 AntiVirus

Trojan.GoogUpdate

3.12.26.3

File size:

19.4 KB (19,872 bytes)

Product version:

0.3.0.0

Original file name:

SuperSocket.ClientEngine.Protocol.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\Program Files\videos+ mediaplayer+\supersocket.clientengine.protocol.dll

Digital Signature

Signed by:

Pani Poni Network

Authority:

COMODO CA Limited

Valid from:

8/28/2014 2:00:00 AM

Valid to:

8/29/2015 1:59:59 AM

Subject:

CN=Pani Poni Network, O=Pani Poni Network, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D7E501E7ADAA5764867C0B6158D78CDF

File PE Metadata

Compilation timestamp:

4/11/2014 4:22:22 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

192:W4sRQRZgwP1UOIQm5BF3MLpEJO/QNeDTI3kxADFz9PlVls8G7HZEIBeO+fcccWaT:R0K1XmogLQQkmW8GdaO6cWmgLq0OAl8B

Entry address:

0x51CE

Entry point:

FF, 25, 00, 20, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 10, 00, 00, 00, 18, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 30, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 48, 00, 00, 00, 58, 60, 00, 00, 44, 04... 
[+]

Entropy:

5.9596

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

12.5 KB (12,800 bytes)

The file SuperSocket.ClientEngine.Protocol.dll has been discovered within the following program.

videos+ MediaPlayer+ by Gogo Network Club

This is a potentially unwanted adware program that injects ads into the user's browser. This includes inserting into web pages or displaying ads over parts of existing web page advertisements, banners, coupons or text links that would not otherwise appear.

crossrider.com

88% remove it

Remove SuperSocket.ClientEngine.Protocol.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.